jon parise // saturday, december 7, 2013
Majordomo is a veteran mailing list manager. It's written almost entirely in Perl, I scripting language that I general attempt to avoid wherever possible. However, Majordomo has proven quite useful and flexible. On occasion, however, I find it lacking and attempt to correct or improve its behavior. Below are my various Majordomo hacks. Perhaps you'll find them useful in your own dealings with Majordomo.
As always, feel free to correct my Perl. Trust me, you won't hurt my feelings. =)
I maintain a number of mailing lists that rely on moderated postings and approved subscriptions. The Majordomo distributed includes a script named approve that vastly simplifies the moderation / approval process. For conveinece sake, I can execute it from within my mail client of choice, mutt, with the following macro binding:
macro pager A "|~/bin/approve\nd" "Majordomo approval"
I did encounter one major shortcoming in the approve script, however. It reads a list of mailing lists and passwords in the following format:
list-name password email@example.com
The problem lays in the fact that the script assumes that the same password will be used for both approvals and bounces. On our site (like most others, probably), these passwords are different. I modified the stock approve script to handle two different passwords with the following format:
list-name approve password1 firstname.lastname@example.org list-name admin password2 email@example.com
Note the addition of the new "Type" field, which allows you to specify the type of the following password. It can be set to either approve or admin.
I run Majordomo with Postfix, the secure mailer written by Wietse Venema. After a little research here and there, I learned that I could set up Majordomo without using its suid wrapper. Here's how to go about it:
Set up your aliases
When delivering mail locally, Postfix assumes the rights of the user who owns the aliases file to which the message is being delivered. That means that if you create a separate aliases file for Majordomo and set the ownership of that file to the Majordomo user, the Postfix delivery process (local) will delivery your Majordomo list messages as the Majordomo user. This is what you want.
Now that you have a separate aliases file for your Majordomo lists, each entry probably looks something like this:
test: "|/var/majordomo/wrapper resend -l test test-list" test-list: :include:/var/majordomo/lists/test test-request: "|/var/majordomo/wrapper request-answer test" test-approval: owner-test test-owner: owner-test owner-test: jon
The whole idea is to get rid of the suid wrapper, so change your entries to look something like this:
test: "|/var/majordomo/resend -l test test-list" test-list: :include:/var/majordomo/lists/test test-request: "|/var/majordomo/request-answer test" test-approval: owner-test test-owner: owner-test owner-test: jon
Make sure you update the aliases for the majordomo account, too:
Now build your new Majordomo aliases file using postalias:
And then set the ownership to the Majordomo user:
chown majordom /etc/mail/aliases.majordomo* chgrp majordom /etc/mail/aliases.majordomo*
Now you'll need to configure Majordomo to work properly in the new environment. You'll have to copy majordomo.cf to /etc, set the MAJORDOMO_CF environmental variable to point to the location of your majordomo.cf file, or modify the Majordomo Perl scripts and hardcode the location of your majordomo.cf file. I chose the last option, but the decision is up to you.
You'll also want to tighten the permissions on your Majordomo home directory. Make sure everything in that directory (including the directory itself) is owned by the Majordomo user and group. Then, change the permissions on the home directory to 0700. If you allow some users in your Majordomo group for administrative purposes, you can also change this to 0750. If you want those users to be able to edit the list configuration files, too, change the permissions on the lists subdirectory to 0770.
Now you'll need to inform Postfix of your new Majordomo aliases. This is done by modifying the value of alias_maps in main.cf:
alias_maps = dbm:/etc/mail/aliases, dbm:/etc/mail/aliases.majordomo
You'll need to restart Postfix for the new configuration changes to take effect:
That should be it. Your Majordomo installation should now be running without the aid of wrapper. If everything looks good, it's safe to remove the suid wrapper executable from your system:
chmod u-s /var/majordomo/wrapper
Copyright © 1997-2013 by
All rights reserved.
Last updated: June 20, 2002 02:07 EDT
Valid XHTML 1.0 // Valid CSS